Monthly Archives: July 2010

Using wireshark and tcpdump

Wireshark (formerly called Ethereal) is a very nice GUI application that can capture (sniff) network packets off the wired or wireless network. It’s very handy to use on a desktop or laptop but not on a server: it needs a lot of libraries (GTK dependency) and I don’t want any extra things on the server.

My solution is to use tcpdump. tcpdump is a small CLI application that captures (sniffs) network packets just like Wireshark does. It can save the captured packets to a file, and that file format is readable by Wireshark. Thus, I use tcpdump to capture the network packets on the server, then transfer the file to my laptop for analysis in Wireshark.

To capture the entire packet using tcpdump (run as root):

# tcpdump -s 0 -i eth0 -w ~/out.txt
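As an added example (not code from the original post), here is a small Python reader and writer for the libpcap file format that tcpdump -w produces and Wireshark opens. It shows what the snapshot length set by -s 0 means on disk and lets you check a capture for truncated packets before analysing it. The FULL_SNAPLEN value and the sample frames are assumptions constructed for the demo.

```python
"""Write and read tcpdump/Wireshark pcap files (libpcap format, little-endian as written on x86)."""
import struct

PCAP_MAGIC = 0xA1B2C3D4          # little-endian magic written by tcpdump on x86 hosts
LINKTYPE_ETHERNET = 1
GLOBAL_HDR = struct.Struct("<IHHiIII")  # magic, major, minor, thiszone, sigfigs, snaplen, network
RECORD_HDR = struct.Struct("<IIII")     # ts_sec, ts_usec, incl_len (captured), orig_len (on wire)
FULL_SNAPLEN = 262144                   # assumption: what "tcpdump -s 0" expands to in current versions

def write_pcap(packets, snaplen):
    """Serialise (timestamp, frame_bytes) pairs the way tcpdump -w does, truncating to snaplen."""
    out = bytearray(GLOBAL_HDR.pack(PCAP_MAGIC, 2, 4, 0, 0, snaplen, LINKTYPE_ETHERNET))
    for ts, frame in packets:
        captured = frame[:snaplen]
        out += RECORD_HDR.pack(int(ts), int((ts - int(ts)) * 1_000_000), len(captured), len(frame))
        out += captured
    return bytes(out)

def read_pcap(data):
    """Parse a pcap blob; return (snaplen, [(ts_sec, captured_bytes, orig_len), ...])."""
    magic, major, minor, _tz, _sig, snaplen, _link = GLOBAL_HDR.unpack_from(data, 0)
    if magic != PCAP_MAGIC or (major, minor) != (2, 4):
        raise ValueError("not a little-endian pcap 2.4 file")
    records, off = [], GLOBAL_HDR.size
    while off + RECORD_HDR.size <= len(data):
        ts_sec, _ts_usec, incl_len, orig_len = RECORD_HDR.unpack_from(data, off)
        off += RECORD_HDR.size
        if off + incl_len > len(data):
            raise ValueError("truncated record: capture file was cut short")
        records.append((ts_sec, data[off:off + incl_len], orig_len))
        off += incl_len
    return snaplen, records

def truncated_packets(data):
    """Indices of records whose captured bytes are fewer than the on-wire length (snaplen too small)."""
    _snaplen, records = read_pcap(data)
    return [i for i, (_ts, captured, orig_len) in enumerate(records) if len(captured) < orig_len]

# Constructed sample frames: a 14-byte Ethernet header (broadcast dst, dummy src, IPv4 ethertype) plus filler.
ETH_HDR = bytes.fromhex("ffffffffffff" "020000000001" "0800")
SAMPLE_PACKETS = [(1278000000.5, ETH_HDR + b"A" * 60), (1278000001.0, ETH_HDR + b"B" * 1400)]

if __name__ == "__main__":
    full = write_pcap(SAMPLE_PACKETS, FULL_SNAPLEN)   # equivalent of -s 0: nothing truncated
    short = write_pcap(SAMPLE_PACKETS, 96)            # old default snaplen: big frames get cut
    print("truncated with -s 0:", truncated_packets(full))
    print("truncated with -s 96:", truncated_packets(short))
```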

Background:
I’ve been doing a lot of network programming. There are people out there who don’t really understand certain protocols, yet they don’t use any libraries or tools to help them. Instead, they compose the problematic messages (packets) and say the system doesn’t work. I always have to debug for them by capturing the network packets off the wire and analyzing them.

My little sister pong pong

Back then
you were still so small
I held you
and fed you your milk on Mum's bed
the aunties sharing the ward even said I was good at it
So quickly
you have already grown up
Next week
you will leave home
to work in another town
Suddenly
I feel reluctant to let you go
This past year
you stayed at home after graduating
and honestly I was glad of it
Mum and Dad had you with them
every month the whole family had a chance to gather
I treasure that
because one day this will be no more